Some Best Practices for Keeping Your Student Data Secure

Don’t share your credentials with anyone else. Every user should have a unique Username and Password.

Don’t send usernames and passwords together. This would include sending an email that lets a user know to use her email as the username and includes her password. If you need to send credentials, use different modes of communication for the username and the password.

Choose a password that is complex (“strong”). We help you do this by requiring it be a certain length and mix of characters.

Choose a password that is memorable so you don’t have to write it down (we suggest the first letter of each word in a phrase or song lyric you like)

Practical Policies

Implement a “removable media” policy that restricts or prohibits the use of flash drives, external hard drives, removable disks, and other writable media that includes student data.

Support a culture of data awareness. Data security and cloud-based software may be new to many people in your organization. Make sure that everyone knows where to turn when they have questions, and encourage people to ask before they act if they’re unsure about something.

Limit the number of people in your district who are authorized to accept a vendor’s Terms of Service on behalf on the entire organization.

Physical Security

Lock or log out of your computer when you step away from it. We automatically log you out of Schoolzilla after 30 minutes of inactivity, but we highly recommend getting in the habit of locking your computer, as it is the best protection against someone unauthorized using your computer while you step away for 5 minutes.

Reminding other users at your school and district of these practices on a regular basis, and why they are important.